External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-21 21:20:08 -03:30
Code Issues Packages Projects Releases Wiki Activity
Files
c2c0f2b8288ea07ae5a2f2ca50ef9799b29e30dc
awx/awx_collection/tests/integration/targets/token/tasks/main.yml
Chris Meyers e82de50edb Fix controller_oauthtoken regression and more 
* aap_token now functions like controller_oauthtoken
* lookup('awx.awx.controller_api', ...) fixed
2025-08-15 10:00:37 -04:00

155 lines
3.9 KiB
YAML
Raw Blame History

---
- name: Generate a test ID
set_fact:
test_id: "{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}"
when: test_id is not defined
- name: Generate names
set_fact:
token_description: "AWX-Collection-tests-token-description-{{ test_id }}"
- name: Try to use a token as a dict which is missing the token parameter
job_list:
controller_oauthtoken:
not_token: "This has no token entry"
register: results
ignore_errors: true
- assert:
that:
- results is failed
- '"The provided dict in aap_token did not properly contain the token entry" == results.msg'
- name: Try to use a token as a list
job_list:
controller_oauthtoken:
- dummy_token
register: results
ignore_errors: true
- assert:
that:
- results is failed
- '"The provided aap_token type was not valid (list). Valid options are str or dict." == results.msg'
- name: Try to delete a token with no existing_token or existing_token_id
token:
state: absent
register: results
ignore_errors: true
- assert:
that:
- results is failed
# We don't assert a message here because it's handled by ansible
- name: Try to delete a token with both existing_token or existing_token_id
token:
existing_token:
id: 1234
existing_token_id: 1234
state: absent
register: results
ignore_errors: true
- assert:
that:
- results is failed
# We don't assert a message here because it's handled by ansible
- block:
- name: Create a Token
token:
description: '{{ token_description }}'
scope: "write"
state: present
register: new_token
- name: Validate our token works by token
job_list:
controller_oauthtoken: "{{ controller_token.token }}"
register: job_list
- name: Validate our token works by object
job_list:
controller_oauthtoken: "{{ controller_token }}"
register: job_list
always:
- name: Delete our Token with our own token
token:
existing_token: "{{ controller_token }}"
controller_oauthtoken: "{{ controller_token }}"
state: absent
when: controller_token is defined
register: results
- assert:
that:
- results is changed or results is skipped
- block:
- name: Create a second token
token:
description: '{{ token_description }}'
scope: "write"
state: present
register: results
- assert:
that:
- results is changed
always:
- name: Delete the second Token with our own token
token:
existing_token_id: "{{ controller_token['id'] }}"
controller_oauthtoken: "{{ controller_token }}"
state: absent
when: controller_token is defined
register: results
- assert:
that:
- results is changed or resuslts is skipped
- block:
- name: Create a less privileged token (read)
token:
description: '{{ token_description }}'
scope: "read"
state: present
register: read_only_token
- debug:
msg: "{{read_only_token}}"
- name: Exercise the aap_token parameter with the new token.
job_list:
aap_token: "{{ read_only_token.ansible_facts.controller_token.token }}"
- name: Ensure the new token is being used and not the default token for the tests.
token:
aap_token: "{{ read_only_token.ansible_facts.controller_token.token }}"
scope: "write"
state: present
ignore_errors: true
register: result
- assert:
that:
- "'You don\\'t have permission to POST' in result.msg"
always:
- name: Delete the less privileged token
token:
existing_token_id: "{{ read_only_token['id'] }}"
state: absent
when: read_only_token is defined
register: result
- assert:
that:
- result is changed
Reference in New Issue View Git Blame Copy Permalink